Eye of the Storm has a post on account security:
After two more guildmates got hacked last week, I decided to check and change my account security. I’ve used an authenticator since shortly after they were released, which I think is 90% of the protection that can be applied.
The other 10% is a combination of obvious email addresses, spyware, and repeated passwords for different purposes.
Here’s the rest: Account Change to Avoid Hacks
My son’s account has been hacked twice, recently. The first wasn’t so bad. They leveled his DK to 80 and he was able to get his stuff back from Blizzard. He stopped the second before any damage was done.
So we now use the authenticators and I think I may change some account data.
Amazon.com has the authenticator for $50 (!) but if you want to save a few coppers you can get yours from Blizzard for $6.50 (no, that’s not a typo.) Click here’s for the Bliz store.
It’s easy to use. You’ll connect it to your battle.net account (directions are included with the device) and then, every time you log in, you’ll be prompted for the 6 digit code the the authenticator generates. Enter that and in you go.